Projekte pro Jahr
Abstract
As centralized identity management solutions amass identity
data, they increasingly become attractive targets for cyber attacks,
which entail consequences for users that range from service disruptions
to exposure of sensitive user data. Self-sovereign identity (SSI) strives to
return the control over identity data to the users by building on decentralized
architectures. However, the adoption of SSI systems is currently
hampered by a lack of qualified identity data that satisfies the services'
requirements. Additionally, there is a gap w.r.t the user's privacy: Intermediate
components (e.g., importers or SSI network nodes) learn the
users' sensitive attributes during the derivation of eID data.
In this work, we present a decentralized eID derivation concept that
preserves the users' privacy while maintaining the data's trustworthiness
without revealing the plain data to any component outside the users' control.
Our proposed system also enables users to selectively disclose only
relevant parts of the imported identity assertion according to the service's
requirements. We also implement and evaluate a proof-of-concept
to demonstrate the feasibility and performance of our concept.
data, they increasingly become attractive targets for cyber attacks,
which entail consequences for users that range from service disruptions
to exposure of sensitive user data. Self-sovereign identity (SSI) strives to
return the control over identity data to the users by building on decentralized
architectures. However, the adoption of SSI systems is currently
hampered by a lack of qualified identity data that satisfies the services'
requirements. Additionally, there is a gap w.r.t the user's privacy: Intermediate
components (e.g., importers or SSI network nodes) learn the
users' sensitive attributes during the derivation of eID data.
In this work, we present a decentralized eID derivation concept that
preserves the users' privacy while maintaining the data's trustworthiness
without revealing the plain data to any component outside the users' control.
Our proposed system also enables users to selectively disclose only
relevant parts of the imported identity assertion according to the service's
requirements. We also implement and evaluate a proof-of-concept
to demonstrate the feasibility and performance of our concept.
| Originalsprache | englisch |
|---|---|
| Titel | Information and Communications Security - 21st International Conference, ICICS 2019, Revised Selected Papers |
| Redakteure/-innen | Jianying Zhou, Xiapu Luo, Qingni Shen, Zhen Xu |
| Herausgeber (Verlag) | Springer |
| Seiten | 307-323 |
| Seitenumfang | 17 |
| Band | 11999 |
| ISBN (elektronisch) | 978-3-030-41579-2 |
| ISBN (Print) | 978-3-030-41578-5 |
| DOIs | |
| Publikationsstatus | Veröffentlicht - 18 Feb. 2020 |
| Veranstaltung | 21st International Conference on Information and Communications Security: ICICS 2019 - Peking, China Dauer: 15 Dez. 2019 → 17 Dez. 2019 http://icics.cn |
Publikationsreihe
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Band | 11999 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (elektronisch) | 1611-3349 |
Konferenz
| Konferenz | 21st International Conference on Information and Communications Security |
|---|---|
| Kurztitel | ICICS'19 |
| Land/Gebiet | China |
| Ort | Peking |
| Zeitraum | 15/12/19 → 17/12/19 |
| Internetadresse |
ASJC Scopus subject areas
- Theoretische Informatik
- Informatik (insg.)
Projekte
- 1 Laufend
-
E-Government Innovationszentrum - EGIZ - E-Government Innovationszentrum (EGIZ)
Krnjic, V., Lenz, T., Tauber, A., Posch, R., Abraham, A. & Hörandner, F.
1/09/05 → …
Projekt: Forschungsprojekt